[windows2000] Re: Network Help

  • From: "Rick Fogarty" <rick@xxxxxxxxxxxxx>
  • To: <windows2000@xxxxxxxxxxxxx>
  • Date: Fri, 7 Nov 2003 09:11:23 -0500

No problem Glenn... It seems a bit odd that things don't work as expected,
but I'm really not sure if the Network Admin has things set up correctly at
the firewall level.
Connectivity does work both ways.  I can ping devices from either side of
the network.
DNS was a bit tricky... I wasn't sure how to work this one... I set up the
sat account (first) pointing back to the original DC - however, considering
the network issues, it didn't work.  So, I then changed it and set it up to
point to itself.
Make sense?  Although, I didn't know one could set up a DNS server to serve
only one subnet (he says while searching MS' site)


-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Sullivan, Glenn
Sent: Friday, November 07, 2003 8:59 AM
To: 'windows2000@xxxxxxxxxxxxx'
Subject: [windows2000] Re: Network Help

You mention that you have connectivity to them.  Does it work the other way?
How is the DNS set up when you add that other DC?  Is it the DNS for that
subnet?  If so, is it synched with your main DNS, so it can find the GC?
Shooting from the hip, of course...

Glenn Sullivan, MCSE+I  MCDBA
David Clark Company Inc. 

-----Original Message-----
From: Rick Fogarty [mailto:rick@xxxxxxxxxxxxx]
Sent: Friday, November 07, 2003 8:41 AM
To: W2K
Subject: [windows2000] Network Help

This is more a theory question, but I'm hoping someone will jump on board to
help me out....
Here is the way our network is set up; perhaps you can tell me why things
aren't working as expected.
On our main campus in my county, we have a T1 that is provided by the state.
That's pushed to three separate subnets - two private (172.16.12 &
172.16.20) and one public address (198.85.71.x).  Each of these subnets has
many computers that we need to manage.  I've created a new W2k3 AD domain
and at present only have one DC - all the roles reside on it.  DNS, DHCP and
WINS are set up and running flawlessly - at least for now....
The DC (Zeus) has a network card per subnet that allows each subnet to log in
and get network resources.  This appears to be working fine.  I've set up a
site for each subnet and logins and name service requests work well.
Now, the strange part -  We have a satellite site that has a commercial
cable modem setup providing access to 150 computers.  Each site, ours and
theirs, is set up with a WatchGuard Firebox 2500.  The two sites are linked
with an encrypted VPN.  So, I can sit at my desk and tracert to a machine
over there and it traverses exactly as expected.  However, when I place a DC
over there so they can log in to our domain, it can't find the global
To me, it seems that not all traffic is passing through the firewall.  Does
that sound right?  Is there a better setup for something like this?

Rick Fogarty
Coordinator, Technical Support and Computer Servicing
Sandhills Community College
3395 Airport Rd
Pinehurst, NC 28374
1(910) 695-3943
Fax 1(910)695-1823
http://www.sandhills.edu
